cjoint

Document format: text/plain

OTL Extras logfile created on: 23/03/2017 19:57:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MSI4M\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

7,88 Gb Total Physical Memory | 4,88 Gb Available Physical Memory | 61,95% Memory free
10,88 Gb Paging File | 7,30 Gb Available in Paging File | 67,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 930,96 Gb Total Space | 603,02 Gb Free Space | 64,77% Space Free | Partition Type: NTFS

Computer Name: MEHDINGUE | User Name: MSI4M | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (All) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\WINDOWS\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\WINDOWS\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\WINDOWS\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\WINDOWS\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\WINDOWS\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\WINDOWS\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\WINDOWS\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\WINDOWS\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\WINDOWS\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\WINDOWS\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\WINDOWS\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\SysWow64\WScript.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 61 69 40 88 0E 7E D2 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 1
"DefaultInboundAction" = 1
"DoNotAllowExceptions" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04707613-FE68-4B64-B06F-2E02305A6CCA}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{05D7A93D-435F-4999-BA8A-5E8E983AAA1D}" = lport=445 | protocol=6 | dir=in | app=system |
"{0A890C25-51F3-49C9-93A4-CEF31A0FFC1E}" = rport=137 | protocol=17 | dir=out | app=system |
"{1339A1DA-1590-44DB-81E6-524BE6AE30A4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1E48B0DC-E485-4B97-BF67-E9BB16A76194}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{1E7B34EB-BF55-4314-AC4A-3B84498D9354}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{278327B2-7076-49DB-82F0-1D814535002C}" = lport=139 | protocol=6 | dir=in | app=system |
"{36DF7707-3A03-4A41-B565-A644CD732031}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3D6DCC0D-527F-4005-AEB0-A38D70053E6D}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\avira\scout\application\scout.exe |
"{43C545E5-8F4B-4BE6-B4F0-D6AF00742A8F}" = lport=137 | protocol=17 | dir=in | app=system |
"{474C9FFC-785C-4BC9-BA26-71052D69BF05}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{5B039C00-7E73-40A1-BBEE-6976DC13F3ED}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{804BC7AA-A304-44EE-A7F2-AB0B5BEF56AB}" = rport=445 | protocol=6 | dir=out | app=system |
"{853A40B0-0542-4997-924A-567260B06E28}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{97E49ABC-5212-4DA6-9701-4EAEFFCF84DA}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A367B8DB-3D1C-478F-B70B-5141B9B35394}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C251EA34-CFD8-4E24-8E95-12909B6CCFB2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{CAF17754-2843-4229-9922-7483D6FCF0F8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CCD20CA8-1BF7-4F44-AB20-95F04478BC6B}" = rport=139 | protocol=6 | dir=out | app=system |
"{CFA0D069-983E-4846-9393-A17034F63CFE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D0F9D0BC-66D2-4BD0-9E63-37E6FD9F62EA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DB7E1F25-9597-4AB0-9806-B53E11B668C7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{DD71FAE5-99B3-41AC-B703-D700FCA25F23}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DF365310-31DF-4F79-9B64-7F4F9775A974}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{ECE52C9F-F0DC-4D72-A55E-15E763BA2719}" = lport=138 | protocol=17 | dir=in | app=system |
"{FCB8761F-B73D-40BD-BB5A-48C1B1B523FA}" = rport=138 | protocol=17 | dir=out | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{025B5AF9-1E03-484A-B621-C58F85C85E00}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{050E4379-0442-4669-845D-1FB6CBF196FA}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{0662273D-457C-4439-A638-32BB70EECA60}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{067EDC96-466E-445E-906F-5434E0003E2C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{0B571312-1945-434D-90E5-E41E3ADA2176}" = dir=in | name=@{microsoft.zunevideo_10.16122.10291.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{0F8E490D-5E85-43DA-BF92-9825B42BCD06}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{15177DD0-B75E-4827-9856-B080EDBB996F}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{16DD88A2-81BE-44F5-819D-44409A7826D5}" = dir=in | name=microsoft solitaire collection |
"{176AD8A6-F540-4320-9A40-F9984C2B95A5}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{19D93669-5736-4348-8371-B60FA7E4A77E}" = dir=out | name=@{microsoft.zunevideo_10.16122.10291.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{1CF4FA6C-FD16-42B8-8FF7-D66E96940CFD}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{1D43B7A2-7F41-45F6-885F-4E4ED90AA4FD}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{1D5C702D-BE99-434B-950E-B307BEFF2E4E}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{1E0A7542-A54A-4C54-BF46-7D77A900C52E}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{22912916-DB42-4D29-A5D2-BCF550C7C8BF}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{252369D6-5B32-4372-9424-0283D6501DAD}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{267E7F68-81D5-4B74-BC9F-452F7C36E056}" = dir=in | name=microsoft sticky notes |
"{2771E8D1-9F31-47CD-B5E3-E6081A60FD6F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawlhalla\brawlhalla.exe |
"{277D08A2-0772-4B56-8B30-73B5A1F9ADE2}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{2F470438-63DB-4C20-AE44-39AAD7667DAD}" = dir=out | name=@{microsoft.zunemusic_10.16122.10271.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{305A6DE5-32C9-4738-96DD-04DAF9CE32A1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\newz\newzlauncher.exe |
"{324E807C-B655-403D-A665-B24E864C968D}" = dir=out | name=@{microsoft.microsoftofficehub_17.7608.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{342414CB-7EC8-428B-8AA4-7C4CACF78A34}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{34854EFD-2ABC-4360-A0EF-E708B9E56D99}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fishing planet\fishingplanet.exe |
"{38FF5A55-39A4-44A1-968F-1D8C721325FF}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{3A7126F4-ED92-4C1C-8EA4-D53729FE6879}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{3B34467F-09DE-4CFA-95D1-2A933932BC45}" = dir=out | name=@{microsoft.people_10.1.3410.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{3C77DEB2-2914-4F81-831B-95DB7BF1B7DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\paint the town red\paintthetownred.exe |
"{3E8AE5D9-7352-428D-9060-6ED5E448185E}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{3F6CE6A1-4A94-462E-925A-F4B301A64535}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\paint the town red\paintthetownred.exe |
"{3FA1B0E7-F934-45C9-A335-2D598D6FAF0C}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{40B93EEB-3F28-4452-B0D6-D85BFD0CEF47}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{40E07943-B5E0-4CA8-BEE3-D49C769FEA43}" = dir=in | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{46BA6E03-B774-4727-BEC8-A69416B6838D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fishing planet\fishingplanet.exe |
"{4914F357-CB81-4E63-B6B6-0A645CABB83C}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{49FC3508-EE3F-4F30-88FD-D14DC9570749}" = dir=out | name=@{microsoft.windows.photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{4C24A2A2-6FA8-4AB4-81D1-2580169B2538}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawlhalla\brawlhalla.exe |
"{4F0F6525-1AD9-43A9-92D9-BAA23C54CD28}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.7830.42257.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{5398C053-02B2-4F53-A95D-A5E3FD370670}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{576C17CD-6F6F-441D-B29C-B8AE20C04659}" = dir=in | name=@{microsoft.windows.photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{57DCCCC8-296A-4B35-BCB3-2ED64DE80922}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\newz\newzlauncher.exe |
"{59D60FA9-FF5A-4E20-B54F-013927DBC273}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1611.3471.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{5AB97882-EB7E-4FAE-9E5B-3FA3DCA96697}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{5E0D289E-938D-49CC-83F6-3E7C6E448CC0}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.7830.42257.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{5F2F7995-0DFF-4BA4-9ADA-EFCBE0C31966}" = dir=out | name=@{microsoft.windowsstore_11610.1001.25.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{607C1FEA-5DC0-4DF5-9EA2-AFFB22728B41}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 3\arma3launcher.exe |
"{643831FA-217E-40FC-8CE8-EAD2658EA5A7}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{6563FEBD-50EF-4B78-85C0-8E7AC99F627E}" = dir=out | name=@{microsoft.getstarted_4.4.11.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{65A787CE-A9DB-4C09-80A9-C022C73069BD}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.693_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{66C58620-C161-4ADB-84BB-B77C7EE6FC2A}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{66E9727F-9FA2-48D0-BC26-320EC86B8FFC}" = dir=in | name=onenote |
"{6A69EA74-A39D-4B5E-BAA7-AB04003AC959}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6AADA3AC-0999-472C-9727-6FA57E4BEF3A}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{6C1EAC81-64D7-4E9E-8209-5D4DE5C3C05F}" = dir=out | name=store purchase app |
"{6FB64F08-E738-47FC-AD68-6C1B68B1CE19}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{6FF8E6B8-AC94-4232-9FBA-A2C22B44EB12}" = dir=out | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{7230352D-918E-4DE2-901F-8540B2857137}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{72A9BBE4-EDCF-43B1-9FCB-F818BEB12CB3}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{779D4F30-3E87-482B-841D-6E1332B91353}" = dir=in | name=@{microsoft.skypeapp_11.10.152.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{7866EB3A-1A03-4A8D-B1BD-A05D7DC908B3}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{78DAC0C4-BCD6-4989-97D0-CF34F7C334D9}" = dir=in | name=@{microsoft.microsoftofficehub_17.7608.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{7F741F23-DA55-4E4C-AF0F-3C477E38317B}" = dir=in | name=@{microsoft.zunemusic_10.16122.10271.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{8422C18C-B162-496B-B7CB-1DA802505015}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{868503A8-7F19-4683-B7BC-5C9E88F26A2B}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{8AA31C1D-2802-4957-BDED-84716BED88CD}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{8CAB2887-A22C-4F9D-A4B1-5809CBA958C9}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{9194C4C5-0DF8-4AB8-88C1-6FA3DC0E036B}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{96A5548C-BF03-4E4F-BEBE-B610F2C0D900}" = dir=out | name=@{microsoft.3dbuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{9A7E5DF7-3E00-435E-A901-8E865E24F0FE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9FCE4AE9-62B9-4F44-84AB-635FDACCDB75}" = protocol=6 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"{A080912A-CA01-472B-A886-A03838E6A9F5}" = protocol=58 | dir=in | app=system |
"{A31E04E2-6DFF-49FD-8513-158DCAD31FB0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{A3DED87E-FD34-4656-B74D-2F7CC3538576}" = dir=out | name=@{microsoft.skypeapp_11.10.152.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{A91AEB1D-3BF3-43C9-B7B0-03E6E255E792}" = protocol=6 | dir=in | app=c:\users\msi4m\appdata\roaming\utorrent\utorrent.exe |
"{AF554FAB-1AE7-4F9B-A1A2-8F8299AF5F78}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{B268CB59-7846-48B7-9B6D-6E3B393DB10B}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{B3E637AE-8A7D-478A-934C-AB95338A7A09}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{B5A78589-21BD-49EE-BCFF-D236027B822F}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{B631602B-45AE-463D-B746-2DCB99B139E4}" = protocol=17 | dir=in | app=c:\program files\driverscloud.com\driverscloud.exe |
"{B6C12BC6-8048-48BB-8EFB-2F08ADB86C9E}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{B9B71230-001B-48D6-B547-0BF22B6D8567}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{BD4E311F-1095-4757-B034-C73EC8E72619}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.693_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{BD8FE3C6-508D-461D-B0E4-70ED717608BB}" = dir=in | name=@{microsoft.windowsstore_11610.1001.25.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{C1BEEE79-4796-4083-9B49-8DA0099BB2DD}" = dir=in | name=xbox |
"{C2BD7C0B-6C1A-4E18-A4B1-9C643253A201}" = dir=out | name=xbox |
"{C3CA7A98-FB30-4D05-A953-2D5B5F78FF25}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{C4E4B560-1657-4955-9B39-03F96B78D6ED}" = protocol=17 | dir=in | app=c:\users\msi4m\appdata\roaming\utorrent\utorrent.exe |
"{C55DEA39-474D-4CB5-82C4-6AFB941F5DAE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CAEAAD26-6822-41FB-AEA2-AD2C82AECCED}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{CB5DBC85-0B6C-444B-B33C-5DE22429B486}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{CEBD332C-A61F-42C9-863D-3545364330B5}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{CEF6144A-84EF-4B4D-ACB5-2865C2F3F64A}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{CF0D8E09-4C3C-49BA-9CE1-40628E7B7D74}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{D0BA0701-94D3-424E-816A-9A4BBB3F93A4}" = dir=out | name=microsoft solitaire collection |
"{D174236B-E095-4ABE-BF61-432BC6641E86}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{D3ED5A31-EC97-44FB-8855-5BBCF500259C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{D5435B22-903D-4E67-8DE6-8A83C64E30AF}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{D887087D-0AFF-4F2F-BCED-5CB59B6D1612}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{D91F0015-C343-4EF2-9C6A-301F7A20F345}" = protocol=6 | dir=in | app=c:\program files\driverscloud.com\driverscloud.exe |
"{DFD128C2-8A53-4998-838A-76C872770351}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{E1FC4838-9397-43F2-B216-DAF63F84A338}" = protocol=17 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"{E288D438-5297-4489-AE6D-5E598D9B12A3}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{E4EB6ED3-663A-4B17-A79E-D842E9D64082}" = dir=out | name=@{microsoft.windowsmaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{E7686F06-BAFE-4349-B5BA-AC9B430361F8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{E77EFF7C-0625-4E1A-9B98-1199BCAAF0C6}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1611.3471.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{EF7B66B7-3A57-42A9-A988-83047A0D7F01}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 3\arma3launcher.exe |
"{F59A0D4C-D7AA-45B4-87EF-57A3342D67DB}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{F7145272-D3F0-489D-BA77-846E5C646C02}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{F8C2FFFC-216A-42A3-B501-A9C2C1B8E869}" = dir=out | name=onenote |
"{F9B518C1-22D7-4683-9B4C-797AEABCF5C3}" = dir=out | name=microsoft sticky notes |
"{FBFC0481-527A-45F8-93AD-6D6167CD6CDF}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{FE74AC60-8083-48DF-B3CC-1985AB81D328}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{FFB76415-84AE-4CB4-9C0E-204561EBE027}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"TCP Query User{1B114DFC-BC61-48B4-A9A2-51EF22E3CFDA}C:\romstation\emulation\saturn\yabause\yabause.exe" = protocol=6 | dir=in | app=c:\romstation\emulation\saturn\yabause\yabause.exe |
"TCP Query User{D85C819B-A4E6-4C15-B817-E2CEBF5F4069}C:\program files (x86)\steam\steamapps\common\newz\thenewz.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\newz\thenewz.exe |
"TCP Query User{D8976BC8-F19B-4E32-9D95-36394EB3DE30}C:\games\battlefield 1\bf1.exe" = protocol=6 | dir=in | app=c:\games\battlefield 1\bf1.exe |
"TCP Query User{F12DDD05-32D2-4F5D-A479-6D0F0F747D2D}C:\program files (x86)\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"TCP Query User{F31EFF82-9FC2-4FC6-ADE0-96DA49F03607}C:\romstation\emulation\playstation portable\ppsspp\ppssppwindows.exe" = protocol=6 | dir=in | app=c:\romstation\emulation\playstation portable\ppsspp\ppssppwindows.exe |
"UDP Query User{2BF95188-2FE8-4AA3-B998-816E366296D7}C:\romstation\emulation\playstation portable\ppsspp\ppssppwindows.exe" = protocol=17 | dir=in | app=c:\romstation\emulation\playstation portable\ppsspp\ppssppwindows.exe |
"UDP Query User{4A86803A-24C8-40B3-AC92-6154BC6F1422}C:\program files (x86)\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"UDP Query User{AFE44CA1-DF3B-44FA-BB79-DD081F1D0F0A}C:\games\battlefield 1\bf1.exe" = protocol=17 | dir=in | app=c:\games\battlefield 1\bf1.exe |
"UDP Query User{CDC0A4E6-303A-441F-84A2-A2B7AA0C93C5}C:\program files (x86)\steam\steamapps\common\newz\thenewz.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\newz\thenewz.exe |
"UDP Query User{EDBA6294-90B2-48B3-AD8C-0C728C652679}C:\romstation\emulation\saturn\yabause\yabause.exe" = protocol=17 | dir=in | app=c:\romstation\emulation\saturn\yabause\yabause.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E6763AA-A255-4BF9-8698-50E36CF15040}" = CheckDevicesConfigurator
"{205AE40D-8AD7-4F29-A430-DD2168DA562D}" = Intel(R) Rapid Storage Technology
"{224CC1EA-2433-4106-81BA-5D5432B11744}" = Intel® PROSet/Wireless WiFi Software
"{2CC9BF06-23A8-4A2A-AAC5-F5790D3DD7E5}" = SonicMapperConfigurator
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes version 3.0.6.1469
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{4379DDE4-778B-4908-8ABA-5BA31F625C9B}" = ProductNSConfigurator
"{45759ED1-FC6C-4719-B503-7E9345796563}" = AudioLaunchpadConfigurator
"{49E32C1D-F5D8-4729-BD70-0C8EE30B4976}" = Nahimic2UISetup
"{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215
"{55398EAC-F58E-4F19-B553-BDF8B9EFD839}" = Intel(R) Chipset Device Software
"{555B1C57-E71B-4775-BC1D-627EEF693F0D}" = Intel(R) ME UninstallLegacy
"{7EA1F26C-9A97-4FBF-81CF-51791FAA5175}" = LauncherSetup
"{8B57FEA1-ABC0-4469-9205-856FD0D97C40}" = SCM
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1" = Revo Uninstaller 2.0.2
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{b14b9c09-5373-46b7-8c90-6a25cc5ef2ec}" = Intel(R) PRO/Wireless Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 378.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 378.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 23.23.0.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.16.0318
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{D6E596F0-D92A-4A7C-8643-0DB4D94A9EB9}" = ApoDispatchConfigurator
"{E217E1DD-DB05-447D-8ED4-11CE492E1BC0}" = ProductDaemonSetup
"{EE4C500B-D09E-442B-9AB8-D2872A9ADE93}" = UIInstallUpgrade
"{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215
"CCleaner" = CCleaner
"Steam App 107410" = Arma 3
"Steam App 291550" = Brawlhalla
"Steam App 337320" = Paint the Town Red
"Steam App 355840" = Survarium
"Steam App 380600" = Fishing Planet
"Steam App 4000" = Garry's Mod
"Steam App 555570" = Infestation: The New Z
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TAP-Windows" = TAP-Windows 9.21.2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VulkanRT1.0.37.0" = Vulkan Run Time Libraries 1.0.37.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{0b46d918-af4f-4612-8076-5c0ae67cb2aa}" = Avira Connect
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{223B62A8-F6FF-4BEB-BC17-230D12723CD0}_is1" = RomStation
"{4549ceb8-695a-42eb-a183-4820d542a15f}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{5853172b-5520-4089-9ef4-e26c594382b3}" = Logiciel Intel® PROSet/Wireless
"{5EFE0504-0BC4-11E1-8EDD-B32C4824019B}_is1" = The Elder Scrolls V Skyrim version 1.0
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}" = Battery Calibration
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{6C409395-030A-4C10-A176-DF11D01138CE}_is1" = Mad Max
"{7B0ACC7D-9AEE-4825-8AED-C7AC166034AB}" = Intel(R) Wireless Bluetooth(R)
"{7E8181AF-9679-49B3-B133-C265709B6927}" = Help Desk
"{8bd1653f-b053-4a68-8753-dd096b92dd0d}" = Nahimic 2
"{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}" = Dragon Gaming Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{b3c7f59f-dc40-4be9-829c-77dd292978ea}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{B5189BB5-245F-4F43-95CB-DD6E3BA81EDC}_is1" = Battlefield 1 Ultimate Edition MULTi9 - ElAmigos version 1.0 u3
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BC5A9829-B67F-4E3A-83EE-0CDBDB6FBA1C}" = Avira Connect
"{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1" = Project64 version 2.3.2.202
"{c7f54569-0018-439c-809a-48046a4d4ebc}" = Logiciel pour périphérique à chipset Intel®
"{d992c12e-cab2-426f-bde3-fb8c53950b0d}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
"{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}" = Sizing Options
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1" = Windscribe version 1.61 build 9
"1446213994_is1" = No Man's Sky
"2022706229_is1" = No Man's Sky Pre-order DLC
"911 Operator_is1" = 911 Operator version 1.0
"Avira Antivirus" = Avira Antivirus
"Avira Scout" = Avira Scout
"Avira System Speedup_is1" = Avira System Speedup
"FileZilla Client" = FileZilla Client 3.24.0
"Google Chrome" = Google Chrome
"InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}" = Battery Calibration
"InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}" = Help Desk
"InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}" = Dragon Gaming Center
"InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}" = Sizing Options
"Just Cause 3_is1" = Just Cause 3
"Kona_is1" = Kona
"Life Is Strange Episode 5_is1" = Life Is Strange Episode 5
"pcsx2" = PCSX2 - Playstation 2 Emulator
"Steam" = Steam
"TeamViewer" = TeamViewer 12
"WinRAR archiver" = WinRAR 5.40 (32-bit)

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-79388000-2943985318-589479336-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Discord" = Discord
"OneDriveSetup.exe" = Microsoft OneDrive
"uTorrent" = µTorrent

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 22/03/2017 17:38:15 | Computer Name = MEHDINGUE | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l appel
OnIdentity() dans l objet System Writer. Details: AddLegacyDriverFiles: Unable to
back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.

System
Error: Accès refusé. .

Error - 22/03/2017 17:38:56 | Computer Name = MEHDINGUE | Source = VSS | ID = 8193
Description =

Error - 22/03/2017 19:26:57 | Computer Name = MEHDINGUE | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Échec de l activation de l application Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App
avec l erreur : -2144927141 Pour plus d informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error - 22/03/2017 19:28:03 | Computer Name = MEHDINGUE | Source = Application Error | ID = 1000
Description = Nom de l application défaillante IntelCpHDCPSvc.exe, version : 1.0.0.1,
horodatage : 0x572a4b65 Nom du module défaillant : ntdll.dll, version : 10.0.14393.479,
horodatage : 0x5825887f Code d exception : 0xc0000005 Décalage d erreur : 0x000000000002f7db
ID
du processus défaillant : 0xa08 Heure de début de l application défaillante : 0x01d2a363f2df5b0f
Chemin
d accès de l application défaillante : C:\WINDOWS\system32\IntelCpHDCPSvc.exe Chemin
d accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 2501134f-688d-4f0a-8d67-a76e6fa9a55e
Nom
complet du package défaillant : ID de l application relative au package défaillant :


Error - 22/03/2017 19:29:08 | Computer Name = MEHDINGUE | Source = Perflib | ID = 1023
Description =

Error - 22/03/2017 20:15:23 | Computer Name = MEHDINGUE | Source = Application Error | ID = 1000
Description = Nom de l application défaillante IntelCpHDCPSvc.exe, version : 1.0.0.1,
horodatage : 0x572a4b65 Nom du module défaillant : ntdll.dll, version : 10.0.14393.479,
horodatage : 0x5825887f Code d exception : 0xc0000005 Décalage d erreur : 0x000000000002f7db
ID
du processus défaillant : 0xa98 Heure de début de l application défaillante : 0x01d2a36a8fc6e7be
Chemin
d accès de l application défaillante : C:\WINDOWS\system32\IntelCpHDCPSvc.exe Chemin
d accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : d5a05b42-98dc-407c-a16b-79800d0571fc
Nom
complet du package défaillant : ID de l application relative au package défaillant :


Error - 23/03/2017 07:30:27 | Computer Name = MEHDINGUE | Source = Application Error | ID = 1000
Description = Nom de l application défaillante IntelCpHDCPSvc.exe, version : 1.0.0.1,
horodatage : 0x572a4b65 Nom du module défaillant : ntdll.dll, version : 10.0.14393.479,
horodatage : 0x5825887f Code d exception : 0xc0000005 Décalage d erreur : 0x000000000002f7db
ID
du processus défaillant : 0xa1c Heure de début de l application défaillante : 0x01d2a3c8dded419b
Chemin
d accès de l application défaillante : C:\WINDOWS\system32\IntelCpHDCPSvc.exe Chemin
d accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : baf53430-384c-4b97-a09f-d701b7a96013
Nom
complet du package défaillant : ID de l application relative au package défaillant :


Error - 23/03/2017 08:41:18 | Computer Name = MEHDINGUE | Source = Application Error | ID = 1000
Description = Nom de l application défaillante chrome.exe, version : 57.0.2987.110,
horodatage : 0x58c9d368 Nom du module défaillant : mbae64.dll_unloaded, version
: 1.9.2.201, horodatage : 0x589c7caa Code d exception : 0xc0000005 Décalage d erreur
: 0x0000000000003827 ID du processus défaillant : 0x2284 Heure de début de l application
défaillante : 0x01d2a3d2a9816c16 Chemin d accès de l application défaillante : C:\Program
Files (x86)\Google\Chrome\Application\chrome.exe Chemin d accès du module défaillant:
mbae64.dll ID de rapport : 7c2105b4-3c31-4bd2-8da8-0cf6e6c96ba5 Nom complet du package
défaillant : ID de l application relative au package défaillant :

Error - 23/03/2017 08:54:00 | Computer Name = MEHDINGUE | Source = Application Error | ID = 1000
Description = Nom de l application défaillante ZHPCleaner.exe, version : 2017.3.22.49,
horodatage : 0x58d223a4 Nom du module défaillant : ZHPCleaner.exe, version : 2017.3.22.49,
horodatage : 0x58d223a4 Code d exception : 0xc0000005 Décalage d erreur : 0x00020e6a
ID
du processus défaillant : 0x1da8 Heure de début de l application défaillante : 0x01d2a3d366adce73
Chemin
d accès de l application défaillante : C:\Users\MSI4M\AppData\Roaming\ZHP\ZHPCleaner.exe
Chemin
d accès du module défaillant: C:\Users\MSI4M\AppData\Roaming\ZHP\ZHPCleaner.exe
ID
de rapport : 66987d2c-da49-4bea-a8a4-74f8f8b8429d Nom complet du package défaillant :
ID de l application relative au package défaillant :

Error - 23/03/2017 09:35:32 | Computer Name = MEHDINGUE | Source = Application Error | ID = 1000
Description = Nom de l application défaillante IntelCpHDCPSvc.exe, version : 1.0.0.1,
horodatage : 0x572a4b65 Nom du module défaillant : ntdll.dll, version : 10.0.14393.479,
horodatage : 0x5825887f Code d exception : 0xc0000005 Décalage d erreur : 0x000000000002f7db
ID
du processus défaillant : 0x8e8 Heure de début de l application défaillante : 0x01d2a3da57e2126e
Chemin
d accès de l application défaillante : C:\WINDOWS\system32\IntelCpHDCPSvc.exe Chemin
d accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 06a8f96d-9d78-4041-b9ac-61e9d7321156
Nom
complet du package défaillant : ID de l application relative au package défaillant :


Error - 23/03/2017 09:36:27 | Computer Name = MEHDINGUE | Source = Perflib | ID = 1008
Description =

[ System Events ]
Error - 23/03/2017 09:35:57 | Computer Name = MEHDINGUE | Source = Service Control Manager | ID = 7023
Description = Le service WEPHOSTSVC s est arrêté avec l erreur : %%1064

Error - 23/03/2017 09:35:57 | Computer Name = MEHDINGUE | Source = Service Control Manager | ID = 7024
Description = Le service WiaRpc s est arrêté avec l erreur spécifique au service
suivante : %%1722

Error - 23/03/2017 09:36:07 | Computer Name = MEHDINGUE | Source = Service Control Manager | ID = 7034
Description = Le service Wireless PAN DHCP Server s est terminé de façon inattendue
pour la 1ème fois.

Error - 23/03/2017 09:36:07 | Computer Name = MEHDINGUE | Source = Service Control Manager | ID = 7034
Description = Le service Intel(R) Content Protection HDCP Service s est terminé
de façon inattendue pour la 1ème fois.

Error - 23/03/2017 12:27:19 | Computer Name = MEHDINGUE | Source = DCOM | ID = 10016
Description =

Error - 23/03/2017 12:27:19 | Computer Name = MEHDINGUE | Source = DCOM | ID = 10016
Description =

Error - 23/03/2017 12:27:19 | Computer Name = MEHDINGUE | Source = DCOM | ID = 10016
Description =

Error - 23/03/2017 12:27:19 | Computer Name = MEHDINGUE | Source = DCOM | ID = 10016
Description =

Error - 23/03/2017 14:44:43 | Computer Name = MEHDINGUE | Source = DCOM | ID = 10016
Description =

Error - 23/03/2017 16:58:34 | Computer Name = MEHDINGUE | Source = DCOM | ID = 10016
Description =


< End of report >
